patch 'test/security: fix IPv6 extension loop' has been queued to stable release 23.11.3

[Xueming Li]

Hi,

FYI, your patch has been queued to stable release 23.11.3

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 12/10/24. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Queued patches are on a temporary branch at:
https://git.dpdk.org/dpdk-stable/log/?h=23.11-staging

This queued commit can be viewed at:
https://git.dpdk.org/dpdk-stable/commit/?h=23.11-staging&id=4227ec424b9bfa85301d65bfc0928ea9c903e597

Thanks.

Xueming Li <xuemingl at nvidia.com>

---
>From 4227ec424b9bfa85301d65bfc0928ea9c903e597 Mon Sep 17 00:00:00 2001
From: Stephen Hemminger <stephen at networkplumber.org>
Date: Thu, 21 Nov 2024 10:23:24 -0800
Subject: [PATCH] test/security: fix IPv6 extension loop
Cc: Xueming Li <xuemingl at nvidia.com>

[ upstream commit 0151b80786ebbc62f0ead73bd4708665228a093d ]

The parenthesis were in the wrong place so that comparison
took precedence over assignment in handling IPv6 extension
headers.  Break up the loop condition to avoid the problem.

Link: https://pvs-studio.com/en/blog/posts/cpp/1179/
Fixes: 15ccc647526e ("test/security: test inline reassembly with multi-segment")

Signed-off-by: Stephen Hemminger <stephen at networkplumber.org>
Acked-by: Bruce Richardson <bruce.richardson at intel.com>
Acked-by: Chengwen Feng <fengchengwen at huawei.com>
---
 app/test/test_security_inline_proto_vectors.h | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/app/test/test_security_inline_proto_vectors.h b/app/test/test_security_inline_proto_vectors.h
index 3ac75588a3..0b4093d19a 100644
--- a/app/test/test_security_inline_proto_vectors.h
+++ b/app/test/test_security_inline_proto_vectors.h
@@ -498,10 +498,12 @@ test_vector_payload_populate(struct ip_reassembly_test_packet *pkt,
 			if (extra_data_sum) {
 				proto = hdr->proto;
 				p += sizeof(struct rte_ipv6_hdr);
-				while (proto != IPPROTO_FRAGMENT &&
-				       (proto = rte_ipv6_get_next_ext(p, proto, &ext_len) >= 0))
+				while (proto != IPPROTO_FRAGMENT) {
+					proto = rte_ipv6_get_next_ext(p, proto, &ext_len);
+					if (proto < 0)
+						break;
 					p += ext_len;
-
+				}
 				/* Found fragment header, update the frag offset */
 				if (proto == IPPROTO_FRAGMENT) {
 					frag_ext = (struct rte_ipv6_fragment_ext *)p;
--
2.34.1

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2024-12-06 23:26:47.070377807 +0800
+++ 0090-test-security-fix-IPv6-extension-loop.patch	2024-12-06 23:26:44.103044826 +0800
@@ -1 +1 @@
-From 0151b80786ebbc62f0ead73bd4708665228a093d Mon Sep 17 00:00:00 2001
+From 4227ec424b9bfa85301d65bfc0928ea9c903e597 Mon Sep 17 00:00:00 2001
@@ -4,0 +5,3 @@
+Cc: Xueming Li <xuemingl at nvidia.com>
+
+[ upstream commit 0151b80786ebbc62f0ead73bd4708665228a093d ]
@@ -12 +14,0 @@
-Cc: stable at dpdk.org
@@ -22 +24 @@
-index b3d724bac6..86dfa54777 100644
+index 3ac75588a3..0b4093d19a 100644
@@ -25 +27 @@
-@@ -519,10 +519,12 @@ test_vector_payload_populate(struct ip_reassembly_test_packet *pkt,
+@@ -498,10 +498,12 @@ test_vector_payload_populate(struct ip_reassembly_test_packet *pkt,